Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upgrade to Staticman v3 #1

Closed
VincentTam opened this issue Mar 3, 2021 · 8 comments · Fixed by #2
Closed

upgrade to Staticman v3 #1

VincentTam opened this issue Mar 3, 2021 · 8 comments · Fixed by #2

Comments

@VincentTam
Copy link
Contributor

💡 The official quick start guide says that authentication via GitHub App is preferred over the traditional GitHub bot: https://staticman.net/docs/getting-started.html

If using GitHub to host the static site repo:
Option 1. Authenticate as a GitHub application
This is the recommended way to authenticate with GitHub. This method will give the most control over what Staticman can and can’t access.

⚠️ By using a private GitHub App instead of a GitHub bot, you can avoid others using your GitHub bot (c.f. wetty/www.wetterer.de#6).

ℹ️ For the API setup, apart from Staticman's official site, you may
@VincentTam VincentTam mentioned this issue Mar 3, 2021
Merged
@MichaelRumpler MichaelRumpler reopened this Mar 3, 2021
@MichaelRumpler
Copy link
Owner

MichaelRumpler commented Mar 3, 2021
edited
Loading

This doesn't seem to work.

I tried to specify the GITHUB_PRIVATE_KEY in one line with or without \n like I specified the RSA_PRIVATE_KEY but I got:

2021-03-03T15:30:15.017381+00:00 app[web.1]: node:internal/crypto/sig:124
2021-03-03T15:30:15.017426+00:00 app[web.1]: const ret = this[kHandle].sign(data, format, type, passphrase, rsaPadding,
2021-03-03T15:30:15.017427+00:00 app[web.1]: ^
2021-03-03T15:30:15.017427+00:00 app[web.1]:
2021-03-03T15:30:15.017430+00:00 app[web.1]: Error: error:0909006C:PEM routines:get_name:no start line
2021-03-03T15:30:15.017430+00:00 app[web.1]: at Sign.sign (node:internal/crypto/sig:124:29)
2021-03-03T15:30:15.018853+00:00 app[web.1]: library: 'PEM routines',
2021-03-03T15:30:15.018853+00:00 app[web.1]: function: 'get_name',
2021-03-03T15:30:15.018854+00:00 app[web.1]: reason: 'no start line',
2021-03-03T15:30:15.018854+00:00 app[web.1]: code: 'ERR_OSSL_PEM_NO_START_LINE'

And when I specify the key in multiple lines (copied the .pem file as is), then I got

2021-03-03T15:35:00.270122+00:00 app[web.1]: /app/node_modules/@octokit/request/dist-node/index.js:66
2021-03-03T15:35:00.270180+00:00 app[web.1]: const error = new requestError.RequestError(message, status, {
2021-03-03T15:35:00.270182+00:00 app[web.1]: ^
2021-03-03T15:35:00.270182+00:00 app[web.1]:
2021-03-03T15:35:00.270183+00:00 app[web.1]: RequestError [HttpError]: Not Found
2021-03-03T15:35:00.270183+00:00 app[web.1]: at /app/node_modules/@octokit/request/dist-node/index.js:66:23
2021-03-03T15:35:00.270184+00:00 app[web.1]: at processTicksAndRejections (node:internal/process/task_queues:94:5)
2021-03-03T15:35:00.270185+00:00 app[web.1]: at async GitHub._authenticate (/app/lib/GitHub.js:60:20)
2021-03-03T15:35:00.270185+00:00 app[web.1]: at async /app/lib/GitHub.js:31:21
2021-03-03T15:35:00.270185+00:00 app[web.1]: at async /app/lib/Staticman.js:32:18
2021-03-03T15:35:00.270186+00:00 app[web.1]: at async module.exports (/app/controllers/process.js:126:21) {
2021-03-03T15:35:00.270186+00:00 app[web.1]: status: 404,
2021-03-03T15:35:00.270187+00:00 app[web.1]: headers: {
2021-03-03T15:35:00.270187+00:00 app[web.1]: 'access-control-allow-origin': '*',
2021-03-03T15:35:00.270188+00:00 app[web.1]: 'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset',
2021-03-03T15:35:00.270189+00:00 app[web.1]: connection: 'close',
2021-03-03T15:35:00.270189+00:00 app[web.1]: 'content-encoding': 'gzip',
2021-03-03T15:35:00.270189+00:00 app[web.1]: 'content-security-policy': "default-src 'none'",
2021-03-03T15:35:00.270190+00:00 app[web.1]: 'content-type': 'application/json; charset=utf-8',
2021-03-03T15:35:00.270191+00:00 app[web.1]: date: 'Wed, 03 Mar 2021 15:35:00 GMT',
2021-03-03T15:35:00.270191+00:00 app[web.1]: 'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
2021-03-03T15:35:00.270192+00:00 app[web.1]: server: 'GitHub.com',
2021-03-03T15:35:00.270192+00:00 app[web.1]: 'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
2021-03-03T15:35:00.270193+00:00 app[web.1]: 'transfer-encoding': 'chunked',
2021-03-03T15:35:00.270193+00:00 app[web.1]: vary: 'Accept-Encoding, Accept, X-Requested-With',
2021-03-03T15:35:00.270194+00:00 app[web.1]: 'x-content-type-options': 'nosniff',
2021-03-03T15:35:00.270194+00:00 app[web.1]: 'x-frame-options': 'deny',
2021-03-03T15:35:00.270194+00:00 app[web.1]: 'x-github-media-type': 'github.v3; param=machine-man-preview; format=json',
2021-03-03T15:35:00.270195+00:00 app[web.1]: 'x-github-request-id': '960E:FF96:29CEF1:2C1610:603FACA4',
2021-03-03T15:35:00.270195+00:00 app[web.1]: 'x-xss-protection': '1; mode=block'
2021-03-03T15:35:00.270195+00:00 app[web.1]: },
2021-03-03T15:35:00.270196+00:00 app[web.1]: request: {
2021-03-03T15:35:00.270196+00:00 app[web.1]: method: 'GET',
2021-03-03T15:35:00.270196+00:00 app[web.1]: url: 'https://api.github.com/repos/MichaelRumpler/MichaelRumpler.github.io/installation',
2021-03-03T15:35:00.270197+00:00 app[web.1]: headers: {
2021-03-03T15:35:00.270197+00:00 app[web.1]: accept: 'application/vnd.github.machine-man-preview+json',
2021-03-03T15:35:00.270198+00:00 app[web.1]: 'user-agent': 'octokit-request.js/5.3.1 Node.js/15.10.0 (Linux 4.4; x64)',
2021-03-03T15:35:00.270198+00:00 app[web.1]: authorization: 'Bearer [REDACTED]'
2021-03-03T15:35:00.270198+00:00 app[web.1]: }
2021-03-03T15:35:00.270199+00:00 app[web.1]: },
2021-03-03T15:35:00.270199+00:00 app[web.1]: documentation_url: 'https://docs.github.com/rest/reference/apps#get-a-repository-installation-for-the-authenticated-app'
2021-03-03T15:35:00.270199+00:00 app[web.1]: }

I needed to remove the GITHUB_PRIVATE_KEY completely to make it work with v2 again. So I guess it doesn't recognize the format, but I did the same what I did for the RSA_PRIVATE_KEY and that seems to work.

@VincentTam
Copy link
Contributor Author

Oops I forgotten to mention the permissions needed for GitHub Apps in my guide. Here's the official one: https://staticman.net/docs/getting-started.html.

@MichaelRumpler
Copy link
Owner

I did that (+ Read for Metadata).

@VincentTam
Copy link
Contributor Author

That seems to be a back-end setup question. Staticman's GitHub repo's issues/discussions are a place for this kind of questions b/c you might get help from fellow Staticman users there.

@VincentTam
Copy link
Contributor Author

Screenshot from 2021-03-03 17-54-01
210303-gpk
You need GITHUB_PRIVATE_KEY to use GitHub App.

@MichaelRumpler
Copy link
Owner

This is what I tried...
I also still had the GITHUB_TOKEN specified. Maybe that must be deleted. I'll try that and post to the staticman issue if it doesn't fix it.

@MichaelRumpler
Copy link
Owner

No, still no success.

I added the latest info to eduardoboucas/staticman#406

@MichaelRumpler
Copy link
Owner

Ok, the key has to be set with newlines and I forgot to install the newly created app.

Thanks again for your help @VincentTam !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use Staticman v3 API scheme VincentTam/MichaelRumpler.github.io
2 participants
@VincentTam @MichaelRumpler